by Insight Credit Union

Main menu

Category Archives: Security

Text messaging has come under attack as one of the most vulnerable mediums for identity theft and more. Here’s what you need to know about an SMS message-based scam called “smishing.”

How it works

Smishing scams use text messages to establish contact with the intended victim to later access their personal information.

The scam begins with a supposedly urgent text appearing to be from the victim’s financial institution. The text may claim that the victim’s checking account is locked, or that there has been an unauthorized purchase charged to the victim’s account. The scammer will warn that immediate action must be taken.

The victim is then instructed to call a specified number and, upon doing so, will be asked to share their financial information. Once they’ve got their hands on this info, the scammer is free to steal the victim’s identity, empty their accounts or go on a shopping spree on the victim’s dime.

Who are the victims?

Smishing scams primarily target people who do their banking online, but fraudsters will use any cellphone number they can find. If you own a checking account and a cellphone, you are a candidate for a smishing scam.

Recognizing smishing scams

Insight Credit Union will not alert you of a possible fraud or account lockdown via text; we prefer more personal means to help you know it’s us.

Also, the phone number the smishing text instructs you to call is not ours. You can reach us at 407.426.6000 or Toll-Free 888.843.8328. If you’re told to contact us at a different number, it’s not us you’re calling!

What to do if you’ve been targeted

If you receive a suspicious-looking text, do not engage the texter! Jot down the scammer’s number and delete the message. Let us know about the smishing attempt, tell all your friends and alert the FTC.

If you’ve fallen for the scam and your accounts have been compromised, alert your credit card companies and be sure to let us know, too.

Medicare is replacing its old cards with new ones which contain an 11-digit code instead of a Social Security number. Unfortunately, even though the cards have not yet been fully issued, scammers are taking advantage of this change.

A caller pretending to be a Medicare representative will ask for payment in exchange for the new ID. Alternatively, the caller might claim to need the victim’s medical information to send out their new card. In reality, the cards are free and will be mailed automatically.

In another variation, a caller will wrongly insist that the victim must purchase Medicare’s prescription drug coverage or risk losing all coverage.

In another ruse not limited to Medicare members, the caller asks for the victim’s checking account number and Social Security number to deposit a supposed refund from their insurer.

Once the scammer has the victim’s medical information, though, they can:

Pose as the victim to see a doctor

Obtain prescriptions

File a false health claim

Don’t be the next victim!

Here’s what you need to know about medical identity theft.

The cost

The average medical identity theft costs $13,500 to fix, but can affect other areas of life and home, such as:

1.) Loss of health coverage

Scammers might max out your benefit limits, leaving you with no coverage.

2.) Ruined credit history

Scammers can destroy your credit history by racking up hospital bills in your name and then disappearing.

3.) False medical records

When the scammer receives treatment in your name, it’s documented on your medical records. This can be extremely dangerous when you seek medical attention in the future.

4.) Higher premiums

The scammer’s medical activity may cause your premiums to rise.

Preventing medical scams

Take proactive steps to ensure you’re not the next victim.

Know that Medicare will never call you. They always contact members via mail.

Be wary of suspicious-looking bills from third-party providers. If you receive any, alert your insurer immediately.

Review your credit history often. If you see unfamiliar charges, immediately ask for a fraud alert and place a freeze on your credit.

Fixing your medical history

If you spot an error on your medical records, it’s crucial that you correct it so it doesn’t affect your medical treatment in the future. Send a copy of the documents detailing the discrepancy to every medical professional and facility involved in your care.

Fighting back

If you’ve been victimized by medical identity theft, be sure to report it!

If you are a member of Medicare, call 800-MEDICARE or visit Medicare.gov. Alternately, report the scam to your own insurance provider.

Now that we’ve given you red flags to look for, you’re armed with information to keep your medical identity safe. Be sure to check out the Security Center of our website. It offers a variety of valuable materials regarding information security. Check back often as content is updated regularly.

In a recent scam targeting millennials, fraudsters are once again cashing in on people’s naivety and goodwill. Only this time, they’re using social media to make it happen.

What makes the scam especially cruel is that fraudsters specifically look for cash-strapped victims who are desperate enough to believe almost anything in the hope of earning a quick buck. This vulnerability, coupled with the broad reach of social media, has made card cracking especially successful.

So what is card cracking? Card cracking scams start with an innocent-looking social media post. It will always showcase some form of quick cash. It might be an easy-to-win contest with a huge cash prize, a dream job that will instantly be yours – as soon as you follow the instructions – or a gift card that you’ll be granted just for sharing information. If you click on the embedded link, you’ll be asked for your checking account information, your PIN or your online banking credentials.

Once the scammers have this information, they can do any of a number of things, from withdrawing large sums of cash from your account to using your debit card number for a massive shopping spree.

In another variety of card cracking, scammers will claim their personal accounts are frozen and they have no access to money. They’ll ask the victim to allow them to access the victim’s account for simple transactions such as depositing checks. The scammers will then cash the checks and, a few days later, when the check bounces, the scammer is long gone. This variation is sometimes played out in person, on college campuses.

In yet a third scheme, card crackers will promise victims a cut of fraudulent funds if the victim allows them to use their accounts. Of course, the victim will be held liable when the scammers are busted.

Don’t be the next victim! Here’s how to protect yourself from card cracking:

1.) Never share personal information with a stranger

Never share sensitive information with a correspondent whose identity you cannot verify with absolute certainty.

2.) When it’s too good to be true, it usually is

Free or easy money exists only in fairy tales. Don’t believe social media post that sounds too good to be true.

3.) Never cash a check for someone else

If someone asks you to cash a check for them, politely refuse. Unless you would trust this person with your life, there is no reason to believe their tale is legitimate or that their check will be honored.

4.) Report suspicious activity

If you notice any suspicious activity on your account, report it immediately. You may have fallen prey to a card cracking scam and you don’t even know it!

Early this month, two security flaws were found in the architecture of chips designed by Intel. This potential breach may affect thousands of devices. Here’s what you need to know about the vulnerabilities.

The two flaws: Meltdown and Spectre
Meltdown is considered the less significant threat and has already been patched in many computers.

The Spectre vulnerability, on the other hand, is more problematic. It involves the foundation of the chips that form the computer’s infrastructure. This means it is likely that the problem can only be fixed by redesigning and replacing affected devices. It also impacts an allegedly secure area of the chip architecture, where information like passwords and encryption keys are stored. If exploited, it can grant hackers unchecked access to this information.
Since the two flaws represent problems in the hardware of the product, and not in the software, they are more difficult to patch. This also means the number of affected devices is astronomical and includes operating systems like Windows, Android, macOS and more.

Can the flaws be fixed?
As mentioned, the Meltdown vulnerability can be amended with a patch. While the patch resolves the vulnerability, it slows down computer systems by a full 30%. Despite this drawback, Intel urges all consumers to use the patch.
Spectre, though, has no known fix. Many experts claim that redesigning computers may not even resolve the flaw, as there is currently no known solution for the problem. It can be many years before computers and chips include fixes for the Spectre flaw.

Have the flaws been exploited?
Fortunately, there have been no known exploits of the flaws thus far.

How has Intel responded to the flaws?
Security researchers have actually known about the flaws for months – and have been working to patch them during that time. In fact, most consumer systems are already patched against Meltdown.

Intel has also made several statements in response to the discovery, though it hasn’t addressed the problem of Spectre and the potential need for a massive redesign of its product.

“Check with your operating system vendor or system manufacturer and apply any available updates as soon as they are available,” Intel said.

Intel claims that Spectre and Meltdown patches will be coming to 90% of the company’s affected chips.

Is Intel the only company that has been affected by the discovery?
While Meltdown mostly impacted Intel chips, Spectre has affected other chips, including AMD and ARM processors and IBM’s Power chips.

Fingers continue to point at Intel. The company clearly knew about the problem for a while and failed to let the public know. Critics also claim Intel has not responded to pointed questions about Spectre.

What do I need to do now?
Be sure to apply any updates as they reach the market and keep your antivirus software updated and operating at its strongest level.